Este contenido no está disponible en el idioma seleccionado.

Chapter 5. Configuring and maintaining Discovery


After installation is complete, you might have to complete other steps to configure or maintain Discovery. The options that you choose during installation and the way in which you use Discovery can determine the types of configuration and maintenance tasks that you need to perform.

Learn more

If you are going to run network scans with credentials that include SSH keys as the authentication method, then the Discovery application must have access to the keyfile information. To learn more about adding SSH keys to the Discovery application, see the following information:

5.1. Adding SSH keys to the Discovery server for network scans

When you configure sources and credentials for a network scan, you select the type of credential to use to authenticate to the network assets that are being scanned. One of the available options for the credential is to authenticate with a username and SSH keyfile. If you choose this option, you must add a copy of the private key to a specific directory on the server so that Discovery can authenticate to those assets and complete the processes that occur during a scan.

You might have to perform these steps as an ongoing maintenance task as you create and refine the credentials needed for your network scans.

Important

Each SSH private key provided must be copied into the directory that was mapped to /sshkeys path on the server container during the Discovery server installation. In other words, the SSH private key must be copied to your file system at the mount point where the container will look for it. The default path for this mount point directory is "${HOME}"/.local/share/discovery/sshkeys on the system where Discovery is installed. That file path is a shared volume to the container at discovery:/sshkeys.

This process is required because the container must have a standardized mount point to map to the container volume during container initialization. Using a standardized mount point is required for security reasons. A container should never have full access to your entire file system. When you are using the Discovery command line interface or the graphical user interface, using the full path to a resource will result in an error stating that the file is not a valid file on the file system. This message occurs because the container searches for the path on its own file system, not at the full path that is passed to it.

When you or other Discovery users are using the graphical user interface to create network credentials that use SSH, the field that requires the mount point directory location is the SSH Key File field. For the command line interface, it is the --sshkeyfile argument. For both of these options, the default value of the mount point directory is "${HOME}"/.local/share/discovery/sshkeys.

Procedure

To add an SSH keyfile to the Discovery server:

  1. Copy the private key from the keyfile, using the copy method of your choice.
  2. Add the private key to the "${HOME}"/.local/share/discovery/sshkeys directory on the Discovery server, the default location for this directory at the time of server installation.
  3. Repeat these steps as needed for all credentials that use SSH keyfiles as the authentication method, including when relevant new credentials are added.
Red Hat logoGithubRedditYoutubeTwitter

Aprender

Pruebe, compre y venda

Comunidades

Acerca de la documentación de Red Hat

Ayudamos a los usuarios de Red Hat a innovar y alcanzar sus objetivos con nuestros productos y servicios con contenido en el que pueden confiar.

Hacer que el código abierto sea más inclusivo

Red Hat se compromete a reemplazar el lenguaje problemático en nuestro código, documentación y propiedades web. Para más detalles, consulte el Blog de Red Hat.

Acerca de Red Hat

Ofrecemos soluciones reforzadas que facilitan a las empresas trabajar en plataformas y entornos, desde el centro de datos central hasta el perímetro de la red.

© 2024 Red Hat, Inc.